Full-Time Information and Technology Senior Audit Advisor
Job Description
Job Summary
The Information and Technology Audit Advisor is responsible for assisting the Internal Audit team in accomplishing its objectives by bringing a systematic and focused approach to evaluate and improve the effectiveness of CN’s governance, risk management, and internal control.
Main Responsibilities
· Perform I&T and special audit projects to mitigate the company’s information, cyber and operational technology risks
· Support the planning and development of audit programs and perform audit projects based on a risk assessment approach
· Evaluate system risks, controls, and residual exposure for existing systems and processes
· Identify opportunities for improvement designed to add value and improve the organization’s operations
· Provide accurate, timely, clear, and concise audit results to Management
· Develop action plans with Management that remedy the risks in an acceptable time frame
· Follow-up and report progress on achieving strategic goals defined in the Management Action Plan
· Improve the audit process through innovation
· Keep abreast of new auditing techniques and technologies
· Perform testing of key I&T controls over financial reporting
Working Conditions
The role has standard working conditions in an office environment with a regular workweek from Monday to Friday. Due to the nature of the role, the incumbent must be able to meet tight deadlines, handle pressure, and stress. The role may require occasional travel.
Requirements
Experience
Internal Audit
· Minimum 2 years of experience in internal audit in a medium to large-sized organization
· Minimum 2 years of experience in Information or Operational Technology Security
· Experience working with the established cybersecurity standards and frameworks
· Experience in performing compliance and advisory audit projects
· Experience with data analytics and data visualization tools*
*Any experience for these above would be considered as an asset
Education/Certification/Designation
· Master’s in Business Administration or a Bachelor’s Degree in Computer Sciences, Information Systems, or equivalent
· Possessing one of the following one of the following security certifications will be considered an asset: Certified Information System Security Professional (CISSP), Certified Information System Auditor (CISA), or Certified Information Security Manager (CISM).
Competencies
· Identifies potential safety and security risks
· Collaborates with others and shares information
· Communicates with impact
· Demonstrates agility and drives change
· Knows the business and stays current on industry needs
· Applies critical thinking
· Solves problems to create value
Technical Skills/Knowledge
· Knowledge of auditing procedures and risk assessment
· Good knowledge of I&T best practices and frameworks (e.g., Control Objectives for Information Technologies (COBIT) and Information Technology Infrastructure Library (ITIL))
· Knowledge of Committee of Sponsoring Organizations of the Treadway Commission (COSO)*
· Knowledge of Sarbanes Oxley (SOX)*
· Fluently bilingual both written and verbal (English, French)*
*Any knowledge for any of the above would be considered as an asset
About CN
CN is a world-class transportation leader and trade-enabler. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. As the only railroad connecting Canada’s Eastern and Western coasts with the Southern tip of the U.S. through a 19,500 mile rail network, CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919. CN is committed to programs supporting social responsibility and environmental stewardship. At CN, we work as ONE TEAM, focused on safety, sustainability and our customers, providing operational and supply chain excellence to deliver results.
381 total views, 3 today